Ethereal-users: Re: [Ethereal-users] Problems with GTP V1 parsing...
(If you reply only to me, you won't get an answer until I get home
tomorrow and read my mail. Reply to the list instead, as I'll see it at
work *AND* the developers of the GTP dissector may also see it - they
may be able to help you more than I can.)

On Fri, Jan 25, 2002 at 01:06:21PM -0600, Eric Williamson wrote:
> I am having problems with Ethereal capturing GTP V1 packets. If I have more
> than one filter value in the Traffic Flow Template, the Ethereal process
> hangs.

The code that I infer handles traffic flow template items
("decode_gtp_tft()") does appear to have a bug - it only increments the
packet offset in the loop if the tft_code value is 2 - but that
shouldn't cause an infinite loop, as the loop is

    for (i=0;i<no_packet_filters;i++) {
        ...
    }

so that loop should eventually terminate ("no_packet_filters" is at most
15).

If you're running this on a UNIX-compatible OS, you might try capturing
some traffic of that sort to a file (with Tethereal, or with tcpdump
with a "-s 65535" argument, using the "-w" flag to specify a file to
write the capture to), and then read it with Tethereal doing

    tethereal -V -r {the file}

and, if Tethereal hangs, terminate it with the "quit" character
(control-backslash). That should produce a core dump; try running your
debugger on Tethereal with that core dump file, and getting a stack
trace.
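
An added illustration of the loop reasoning in the message above; it is not Ethereal's code and not part of the original post. It assumes a constructed toy entry layout (`[code][len][value]`), and the names `walk_buggy`, `walk_fixed`, `SAMPLE` and `MAX_FILTERS` are hypothetical. It shows that a count-bounded loop still terminates when the offset advances only for code 2, but keeps re-reading the same entry, and what a walk that always advances and checks bounds looks like.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_FILTERS 15 /* the post: no_packet_filters is at most 15 */
/* Constructed toy layout, NOT the real GTP TFT encoding:
 * each entry is [code:1][len:1][value:len]. Two entries, codes 1 and 2. */
static const uint8_t SAMPLE[] = { 1, 1, 0xAA,  2, 2, 0xBB, 0xCC };

/* Models the behaviour described in the post: the offset moves only when
 * code == 2. The loop still ends after n passes; *iters counts them. */
size_t walk_buggy(const uint8_t *buf, size_t buflen, unsigned n, unsigned *iters)
{
    size_t off = 0;
    *iters = 0;
    for (unsigned i = 0; i < n && off + 2 <= buflen; i++) {
        (*iters)++;
        if (buf[off] == 2)
            off += 2 + (size_t)buf[off + 1];
        /* any other code: offset unchanged, same entry is read again */
    }
    return off;
}

/* Hardened walk: advance past every entry whatever its code, checking the
 * count and each length. Returns bytes consumed, or -1 on bad input. */
long walk_fixed(const uint8_t *buf, size_t buflen, unsigned n)
{
    size_t off = 0;
    if (n > MAX_FILTERS)
        return -1;
    for (unsigned i = 0; i < n; i++) {
        if (buflen - off < 2 || buflen - off - 2 < (size_t)buf[off + 1])
            return -1; /* header or value runs past the buffer */
        off += 2 + (size_t)buf[off + 1]; /* advance for every code */
    }
    return (long)off;
}

int main(void)
{
    unsigned iters;
    size_t end = walk_buggy(SAMPLE, sizeof SAMPLE, 2, &iters);
    printf("buggy: %u passes, offset %zu; fixed: consumed %ld\n",
           iters, end, walk_fixed(SAMPLE, sizeof SAMPLE, 2));
    return 0;
}
```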